<?php
	class DBAccess {
		private $query;
		private $db;
		private $res;
		
		public function __construct() {
			$this->db = mysql_connect(DB_HOSTNAME, DB_USERNAME, DB_PASSWORD)
						or die('Database Connection Error : ' . mysql_error());
		}
		
		public function setQuery($query) {
			$this->query = $query;
		}
		
		public function executeQuery() {
			mysql_select_db('futura');
			$this->res = mysql_query($this->query) or die('Failed to execute Query because of the following error : ' . mysql_error());
		}
		
		public function fetchRow() {
			return mysql_fetch_row($this->res);
		}
		
		public function numRows() {
			return mysql_num_rows($this->res);
		}
		
		public function numAffectedRows(){
			return mysql_affected_rows();
		}
		
		public function verify_credentials() {
			$relogged = 0;
			
			
			if(isset($_SESSION['username']) and isset($_SESSION['password'] )){
				$username = $_SESSION['username'];
				$password = $_SESSION['password'];
				
			}
			else{
				if(isset($_POST['username']) and isset($_POST['password'])){
					$_SESSION['username']=$_POST['username'];
					$_SESSION['password']=$_POST['password'];
					$username = $_SESSION['username'];
					$password = $_SESSION['password'];
					
					
				}
				else{
					unset($_SESSION['username']);
					unset($_SESSION['password']);
					$username ="";
					$password ="";
				}
			}
			
			$relogQuery = "UPDATE user SET relogged = 1 WHERE logged = 1 AND username = '" . $username . "'";
			$this->setQuery($relogQuery);
			$this->executeQuery();
			//if($this->numAffectedRows() > 0) echo "updated";
			$query = "SELECT * FROM user WHERE relogged = 1 AND logged = 1 AND username = '" . $username . "'";
			$this->setQuery($query);
			$this->executeQuery();
			if($this->numRows() > 0) $relogged = 1;
			
			if($relogged == 1){
				//echo "returning";
				return "logged";
			}
			
			$query = "SELECT * FROM user WHERE username = '" . $username . "' AND password = '" . md5($password) . "'";
			$this->setQuery($query);
			$this->executeQuery();
			if($this->numRows() > 0){
				$logged = 1;
				$query = "UPDATE user SET logged = " . $logged . " WHERE username = '" . $username . "'";
				$this->setQuery($query);
				$this->executeQuery();
				return "true";
			}
			return "false";
		}

        public function Logoff(){
        	session_start();
			$logged = 0;
			$username = $_SESSION['username'];

            
            $query = "UPDATE user SET logged = " . $logged . " WHERE username = '" . $username . "'";
            $this->setQuery($query);
            $this->executeQuery();
            $query = "UPDATE user SET relogged = 0 WHERE username = '" . $username . "'";
            $this->setQuery($query);
            $this->executeQuery();
            
        }
		public function RegisterUser(){
			$username = $_POST['username'];
			$password = $_POST['password'];
            
			$query = "SELECT * FROM user WHERE username = '" . $username . "'";
			$this->setQuery($query);
			$this->executeQuery();
			if($this->numRows() > 0){
				return false;
			}
            $fname = $_POST['fname'];
            $lname = $_POST['lname'];
            $dob = $_POST['dob'];
			$query = "INSERT INTO user VALUES ('" . $fname . "', '" . $lname . "', '" . $username . "', '" . md5($password) . "', '" . $dob . "', 0, 0)";
			$this->setQuery($query);
			$this->executeQuery();
			return true;
		}
	}
?>
